Can edit group 1 9505#309
Conversation
ghost
assigned
|
The tests are still failing, but look to be testing what's intended. Rather than merge this without a fix, I'll open a PR on this branch with my fixes, but not for the build tomorrow. |
Restrictions on objects like Project were being improperly copied (to some extent from DUMMY Permissions).
Umasks are unused (and unsupported). No reason to be creating all of these Permissions objects.
The group permissions object which was being cached in the BasicEventContext was being assigned directly to multiple objects causing the restrictions value to be overwritten.
|
Will, rather than my opening a PR on your PR etc., can you push -f my branch (https://github.com/joshmoore/openmicroscopy/tree/9505-perm-restrictions) to your branch which will update this PR? I cherry-picked both of your commits and applied a fix. |
|
The tests now pass, but this will need a day of general testing to make sure nothing's gone wrong. |
|
Waiting for a review of the "locked project" situation for test users, as reported on 30/08/2012. |
"user" group permissions were not being loaded properly leading to NPEs. Since modifying data in the "user" group is not the regular case, a EMPTY permissions should be a safe default.
|
Removing this from 4.4.4 for the moment, so we can verify that gretzky works as expected without. |
This orders users by their id and prints separate columns for "active" and "admin" to make group membership easier to read.
Since the restrictions array was being re-used, the ordering of objects processed affected what value was returned. Most returned objects tend to be users and groups, which have lower permissions leading to the "locked" problem.
If the restrictions array to be created contains only "false" elements, then there's no reason to copy it. A null "restrictions" is equally good.
|
I can't see any obvious defects with this PR (tested with user-5/read-annotate-1 on gretzky using insight and web). |
|
Merging. For release, we'll need a significant round of permissions testing. |
3 participants
Test for canEdit() and canAnnotate() when we get objects using 'omero.group': '-1'